Protection Policy Center - Backup and Disaster Recovery Center

To simplify the process of configuring data protection solutions for resources under your account, such as Elastic Compute Service (ECS), Object Storage Service (OSS), and File Storage NAS (NAS) resources, Backup and Disaster Recovery Center (BDRC) provides the Protection Policy Center feature. Protection Policy Center offers a unified entry point to help you configure and monitor data protection solutions for multiple types of resources in batches. This topic describes Protection Policy Center, including its application scope and limits, and also describes how to create protection policies.

Introduction

Protection Policy Center provides unified management and configuration of protection policies for ECS, OSS, and NAS resources, simplifying the operation process.
The BDRC console provides alert notifications. You can receive timely reminders when protection policies fail to execute or other abnormal situations occur. For more information, see Message Center.
You can flexibly select and configure sub-protection policies based on different business requirements, such as configuring automatic disk snapshot policies, configuring cloud backup policies, enabling the NAS recycle bin feature, and enabling OSS versioning.
You can associate protection policies with specific resource categories to ensure that important resources are effectively protected.

Application scope and limits

Protection policies only support applying sub-protection policies to resources, such as configuring automatic disk snapshot policies, configuring cloud backup policies, enabling the NAS recycle bin feature, and enabling OSS versioning.
When creating or editing a protection policy, you can use automatic disk snapshot policies and cloud backup policies in the same region as sub-protection policies. The BDRC console does not support directly creating, modifying, or deleting automatic disk snapshot policies and cloud backup policies. To perform these operations, you need to go to the console of the corresponding product.
Protection policies are region-specific and can be applied only to resources of specified resource categories in the same region. Make sure that your protection policies are created in the correct region and associated with resources of the correct resource categories.
If you do not configure a specific sub-protection policy or you delete a protection policy, BDRC does not automatically disassociate sub-protection policies that have already been applied to resources. For example, BDRC will not disassociate automatic disk snapshot policies and cloud backup policies, disable the NAS recycle bin feature, or pause OSS versioning. If you need to disassociate applied sub-protection policies, you must go to the console of the corresponding product.
An ECS disk can be associated with only one automatic snapshot policy. If an ECS disk has already been associated with another automatic snapshot policy, the sub-protection policy will not be applied to that disk.
If a NAS file system has already enabled the recycle bin feature with a retention period different from the sub-protection policy, the sub-protection policy will not be applied to that file system.
Cloud Backup supports associating multiple backup policies with one resource. If a resource has already been associated with other backup policies, applying the sub-protection policy to that resource may cause the resource to be associated with multiple backup policies.
Sub-protection policies for ECS files, self-managed databases on ECS, and Tablestore are not supported. If needed, you can go to the Cloud Backup console to perform these operations.
You can create no more than 10 protection policies.
For the supported regions, see Region-specific features.

Procedure

Log on to the BDRC console.
In the left-side navigation pane, click Protection Policy Center. Switch to the region where your resources are located, and click Create Protection Policy.

In the Create Protection Policy panel, enter a custom name (unique and no more than 128 characters) in the Protection Policy Name field, configure Sub Protection Policy, and then click OK.

Resource Type	Protection Scheme	Sub Protection Policy
Elastic Compute Service (ECS)	Cloud Disk Snapshot	Not configured by default. You can select an automatic disk snapshot policy that has been created in the ECS console from the drop-down list. You can also click Create to go to the ECS console and create a new automatic snapshot policy. After creation, click Refresh, and then select the created policy from the drop-down list. Note If a disk already has an automatic snapshot policy configured, the current automatic snapshot policy will not be applied to the disk.
Object Storage Service (OSS)	OSS Versioning	Not configured by default. You can select Enable from the drop-down list.
Object Storage Service (OSS)	OSS Backup	Not configured by default. You can select a cloud backup policy that has been created in the Cloud Backup console from the drop-down list. You can also click Create to go to the Cloud Backup console and create a new backup policy. After creation, click Refresh, and then select the created policy from the drop-down list.
File Storage NAS	NAS Recycle Bin	Not configured by default. You can select Enable from the drop-down list. The retention period is 3 days by default. You can also specify a custom retention period, ranging from 1 to 180 days. Note If a NAS file system has already enabled the recycle bin feature, the current recycle bin configuration will not be applied to the file system.
File Storage NAS	NAS Backup	Not configured by default. You can select a cloud backup policy that has been created in the Cloud Backup console from the drop-down list. You can also click Create to go to the Cloud Backup console and create a new backup policy. After creation, click Refresh, and then select the created policy from the drop-down list.

After creating the protection policy, find it on the Protection Policy Center page, and click Associate in the Associated Resource Categories column. In the dialog box that appears, select one or more resource categories from the drop-down list, and then click OK. This way, the protection policy is associated with resources of the selected resource categories. For information about how to create a resource category, see Resource categorization.
Important
Protection policies can be applied only to resources of specified resource categories in the same region. Make sure your protection policies are created in the correct region and associated with resources of the correct resource categories.
Note
If you associate automatic disk snapshot policies and cloud backup policies with resources after creating a protection policy, BDRC will monitor these configurations. Once a configuration changes, related events will be delivered to Message Center.
After association, the protection policy will be applied to relevant resources in the region within 4 hours. View the values of Resource Count and Application Result in the Latest Application column. You can also click View All to check the application results for specific resources, or go to the console of the corresponding product to check the data protection status of resources.

Modify a protection policy

After a protection policy is created, you can click Edit in the Operation column to modify the protection policy. After modification, the protection policy will be applied to relevant resources in the region within 4 hours.

Delete a protection policy

After a protection policy is created, you can click Delete in the Operation column to delete the protection policy.

Important

Deleting a protection policy means that this protection policy will no longer be applied to resources, but it will not disassociate sub-protection policies that have already been applied to resources.